package com.example.controller;


import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class TestController {

    @RequestMapping("/hello")
    @ResponseBody
    public String hello(){
        return "hello_security";
    }

    /**
     * @Secured(value = {"ROLE_USER","ROLE_ADMIN"})
     * 添加在请求映射方法上，表示访问的用户必须具有的权限信息
     */

    @RequestMapping("/")
    @ResponseBody
    @Secured(value = {"ROLE_USER","ROLE_ADMIN"})
    public String index(){
        return "user_success";
    }

    @RequestMapping("/admin")
    @ResponseBody
    @Secured(value = {"ROLE_ADMIN"})
    public String admin(){
        return "admin_success";
    }


}
